-
Notifications
You must be signed in to change notification settings - Fork 248
Adding String Literal Sanitizers #2530
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit
Hold shift + click to select a range
c71920e
adding StringSanitizers so that we can easily do literal replacements…
scbedd a4146e7
resolve two bugs. once misformatted xml comment, one missing paramete…
scbedd d43891f
Missing </param> on all the new constructor details!
scbedd 217707b
most of new sanitizer tests specced out and I just need to grind thro…
scbedd 5d89d3a
finish last additions to sanitizer tests
scbedd File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
43 changes: 43 additions & 0 deletions
43
tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/BodyStringSanitizer.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| using Azure.Sdk.Tools.TestProxy.Common; | ||
| using System; | ||
| using System.Text; | ||
|
|
||
| namespace Azure.Sdk.Tools.TestProxy.Sanitizers | ||
| { | ||
| /// <summary> | ||
| /// This sanitizer operates on a RecordSession entry and applies value replacement to the Request and Response bodies contained therein. It ONLY operates on the request/response bodies. Not header or URIs. | ||
| /// </summary> | ||
| public class BodyStringSanitizer : RecordedTestSanitizer | ||
| { | ||
| private string _newValue; | ||
| private string _targetValue; | ||
|
|
||
| /// <summary> | ||
| /// This sanitizer offers regex replace within a returned body. Specifically, this means regex applying to the raw JSON. If you are attempting to simply | ||
| /// replace a specific key, the BodyKeySanitizer is probably the way to go. Regardless, there are examples present in SanitizerTests.cs. | ||
| /// to | ||
| /// <param name="value">The substitution value.</param> | ||
| /// <param name="target">A target string. This could contain special regex characters like "?()+*" but they will be treated as a literal. | ||
| /// <param name="condition"> | ||
| /// A condition that dictates when this sanitizer applies to a request/response pair. The content of this key should be a JSON object that contains configuration keys. | ||
| /// Currently, that only includes the key "uriRegex". This translates to an object that looks like '{ "uriRegex": "when this regex matches, apply the sanitizer" }'. Defaults to "apply always." | ||
| /// </param> | ||
| public BodyStringSanitizer(string target, string value = "Sanitized", ApplyCondition condition = null) | ||
| { | ||
| _targetValue = target; | ||
| _newValue = value; | ||
| Condition = condition; | ||
| } | ||
|
|
||
| public override string SanitizeTextBody(string contentType, string body) | ||
| { | ||
| return StringSanitizer.ReplaceValue(inputValue: body, targetValue: _targetValue, replacementValue: _newValue); | ||
| } | ||
|
|
||
|
|
||
| public override byte[] SanitizeBody(string contentType, byte[] body) | ||
| { | ||
| return Encoding.UTF8.GetBytes(StringSanitizer.ReplaceValue(inputValue: Encoding.UTF8.GetString(body), targetValue: _targetValue, replacementValue: _newValue)); | ||
| } | ||
| } | ||
| } |
68 changes: 68 additions & 0 deletions
68
tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/GeneralStringSanitizer.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| using Azure.Sdk.Tools.TestProxy.Common; | ||
| using System.Collections.Generic; | ||
|
|
||
| namespace Azure.Sdk.Tools.TestProxy.Sanitizers | ||
| { | ||
| /// <summary> | ||
| /// This sanitizer operates on a RecordSession entry and applies itself to the Request and Response bodies contained therein. This "general" sanitizer applies the configured string value replacement | ||
| /// to headers, body, and URI. | ||
| /// </summary> | ||
| public class GeneralStringSanitizer : RecordedTestSanitizer | ||
| { | ||
| private string _newValue; | ||
| private string _targetValue; | ||
|
|
||
| private BodyStringSanitizer _bodySanitizer; | ||
| private UriStringSanitizer _uriSanitizer; | ||
|
|
||
| /// <summary> | ||
| /// This sanitizer offers a value replace across request/response Body, Headers, and URI. For the body, this means a string replacement applied directly to the raw JSON. | ||
| /// </summary> | ||
| /// <param name="value">The substitution value.</param> | ||
| /// <param name="target">A target string. This could contain special regex characters like "?()+*" but they will be treated as a literal. | ||
| /// <param name="condition"> | ||
| /// A condition that dictates when this sanitizer applies to a request/response pair. The content of this key should be a JSON object that contains configuration keys. | ||
| /// Currently, that only includes the key "uriRegex". This translates to an object that looks like '{ "uriRegex": "when this regex matches, apply the sanitizer" }'. Defaults to "apply always." | ||
| /// </param> | ||
| public GeneralStringSanitizer(string target, string value = "Sanitized", ApplyCondition condition = null) | ||
| { | ||
| _targetValue = target; | ||
| _newValue = value; | ||
| Condition = condition; | ||
|
|
||
| _bodySanitizer = new BodyStringSanitizer(target, value, condition); | ||
| _uriSanitizer = new UriStringSanitizer(target, value, condition); | ||
| } | ||
|
|
||
| public override void SanitizeHeaders(IDictionary<string, string[]> headers) | ||
| { | ||
| foreach (var headerKey in headers.Keys) | ||
| { | ||
| // Accessing 0th key safe due to the fact that we force header values in without splitting them on ;. | ||
| // We do this because letting .NET split and then reassemble header values introduces a space into the header itself | ||
| // Ex: "application/json;odata=minimalmetadata" with .NET default header parsing becomes "application/json; odata=minimalmetadata" | ||
| // Given this breaks signature verification, we have to avoid it. | ||
| var originalValue = headers[headerKey][0]; | ||
|
|
||
| var replacement = StringSanitizer.ReplaceValue(inputValue: originalValue, targetValue: _targetValue, replacementValue: _newValue); | ||
|
|
||
| headers[headerKey][0] = replacement; | ||
| } | ||
| } | ||
|
|
||
| public override string SanitizeUri(string uri) | ||
| { | ||
| return _uriSanitizer.SanitizeUri(uri); | ||
| } | ||
|
|
||
| public override string SanitizeTextBody(string contentType, string body) | ||
| { | ||
| return _bodySanitizer.SanitizeTextBody(contentType, body); | ||
| } | ||
|
|
||
| public override byte[] SanitizeBody(string contentType, byte[] body) | ||
| { | ||
| return _bodySanitizer.SanitizeBody(contentType, body); | ||
| } | ||
| } | ||
| } |
49 changes: 49 additions & 0 deletions
49
tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/HeaderStringSanitizer.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| using Azure.Sdk.Tools.TestProxy.Common; | ||
| using System.Collections.Generic; | ||
|
|
||
| namespace Azure.Sdk.Tools.TestProxy.Sanitizers | ||
| { | ||
| /// <summary> | ||
| /// This sanitizer operates on a RecordSession entry and applies value replacement to the headers contained therein. This sanitizer ONLY applies to the request/response headers, | ||
| /// body and URI are left untouched. | ||
| /// </summary> | ||
| public class HeaderStringSanitizer : RecordedTestSanitizer | ||
| { | ||
| private string _targetKey; | ||
| private string _newValue; | ||
| private string _targetValue; | ||
|
|
||
| /// <summary> | ||
| /// Applies a simple value replacement for a target header key. If it does not exist, no actions will be taken. | ||
| /// </summary> | ||
| /// <param name="key">The name of the header we're operating against.</param> | ||
| /// <param name="target">A target string. This could contain special regex characters like "?()+*" but they will be treated as a literal. | ||
| /// <param name="value">The substitution value.</param> | ||
| /// <param name="condition"> | ||
| /// A condition that dictates when this sanitizer applies to a request/response pair. The content of this key should be a JSON object that contains configuration keys. | ||
| /// Currently, that only includes the key "uriRegex". This translates to an object that looks like '{ "uriRegex": "when this regex matches, apply the sanitizer" }'. Defaults to "apply always." | ||
| /// </param> | ||
| public HeaderStringSanitizer(string key, string target, string value = "Sanitized", ApplyCondition condition = null) | ||
| { | ||
| _targetKey = key; | ||
| _newValue = value; | ||
| Condition = condition; | ||
| } | ||
|
|
||
| public override void SanitizeHeaders(IDictionary<string, string[]> headers) | ||
| { | ||
| if (headers.ContainsKey(_targetKey)) | ||
| { | ||
| // Accessing 0th key safe due to the fact that we force header values in without splitting them on ;. | ||
| // We do this because letting .NET split and then reassemble header values introduces a space into the header itself | ||
| // Ex: "application/json;odata=minimalmetadata" with .NET default header parsing becomes "application/json; odata=minimalmetadata" | ||
| // Given this breaks signature verification, we have to avoid it. | ||
| var originalValue = headers[_targetKey][0]; | ||
|
|
||
| var replacement = StringSanitizer.ReplaceValue(inputValue: originalValue, targetValue: _targetValue, replacementValue: _newValue); | ||
|
|
||
| headers[_targetKey] = new string[] { replacement }; | ||
| } | ||
| } | ||
| } | ||
| } |
34 changes: 34 additions & 0 deletions
34
tools/test-proxy/Azure.Sdk.Tools.TestProxy/Sanitizers/UriStringSanitizer.cs
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| using Azure.Sdk.Tools.TestProxy.Common; | ||
|
|
||
| namespace Azure.Sdk.Tools.TestProxy.Sanitizers | ||
| { | ||
| /// <summary> | ||
| /// General use sanitizer for cleaning URIs via straightforward string replacement. | ||
| /// </summary> | ||
| public class UriStringSanitizer : RecordedTestSanitizer | ||
| { | ||
| private string _newValue; | ||
| private string _targetValue; | ||
|
|
||
| /// <summary> | ||
| /// Runs a simple string replacement against the request/response URIs. | ||
| /// </summary> | ||
| /// <param name="value">The substitution value.</param> | ||
| /// <param name="target">A target string. This could contain special regex characters like "?()+*" but they will be treated as a literal. | ||
| /// <param name="condition"> | ||
| /// A condition that dictates when this sanitizer applies to a request/response pair. The content of this key should be a JSON object that contains configuration keys. | ||
| /// Currently, that only includes the key "uriRegex". This translates to an object that looks like '{ "uriRegex": "when this regex matches, apply the sanitizer" }'. Defaults to "apply always." | ||
| /// </param> | ||
| public UriStringSanitizer(string target, string value = "Sanitized", ApplyCondition condition = null) | ||
| { | ||
| _targetValue = target; | ||
| _newValue = value; | ||
| Condition = condition; | ||
| } | ||
|
|
||
| public override string SanitizeUri(string uri) | ||
| { | ||
| return StringSanitizer.ReplaceValue(inputValue: uri, targetValue: _targetValue, replacementValue: _newValue); | ||
| } | ||
| } | ||
| } |
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Betting on additional requests making this a bit more complicated, hence the one line abstraction.